{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-45176","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","state":"PUBLISHED","assignerShortName":"palo_alto","dateReserved":"2026-05-08T23:01:00.502Z","datePublished":"2026-06-11T18:49:00.712Z","dateUpdated":"2026-06-13T03:55:47.522Z"},"containers":{"cna":{"providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2026-06-11T18:49:00.712Z"},"title":"Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation","datePublic":"2026-06-11T17:10:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-269","description":"[Discouraged] CWE-269: Improper Privilege Management","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-233","descriptions":[{"lang":"en","value":"CAPEC-233 Privilege Escalation"}]}],"affected":[{"vendor":"CyberArk Software, a Palo Alto Networks Company","product":"Idira Endpoint Privilege Manager","platforms":["Windows","macOS","Linux"],"versions":[{"status":"affected","version":"26.0","lessThan":"26.5","changes":[{"at":"26.5","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:windows:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:macos:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cyberark_software_a_palo_alto_networks_company:idira_endpoint_privilege_manager:*:*:linux:*:*:*:*:*","versionStartIncluding":"26.0","versionEndExcluding":"26.5"}]}]}],"descriptions":[{"lang":"en","value":"Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19","supportingMedia":[{"type":"text/html","base64":false,"value":"Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19"}]}],"references":[{"url":"https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-windows.htm#Version2650","tags":["vendor-advisory"]},{"url":"https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-macos.htm#Version2650","tags":["vendor-advisory"]},{"url":"https://docs.cyberark.com/epm/latest/en/content/release%20notes/rn-os-linux.htm#Version2650","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"AMBER","version":"4.0","baseSeverity":"HIGH","baseScore":8.9,"vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/U:Amber"}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2026-06-11T17:10:00.000Z","lang":"en","value":"Initial publication."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue","type":"finder"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-06-12T00:00:00+00:00","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2026-45176"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-13T03:55:47.522Z"}}]}}